With the development of extensive computerised memory and the need for confidentiality of data stored within that memory, there have been developed a number of methods of preventing the theft of that "secret" information. Traditionally, computer software has been protected by means of encryption and decryption programming. Also, encryption and decryption hardware elements have been incorporated into specific electronic packages to perform data protection under software control. With the development of suitable algorithms and keys contained in alterable memory, it has been possible to successfully protect data from an information thief or hacker who attempts to access that data by software means.
However, these known methods offer little security from a hardware hacker who obtains electronic information through physical access to such electronic circuitry. Electronic information or data compromise can occur by drilling through existing encapsulants of electronic circuitry so as to access data and/or address buses. These may be located by X-ray radiography and/or ultrasonic techniques. Alternatively, employment of thermal, solvent, acid, simple mechanical scraping or mechanical fracture methods can be used to expose the data and/or address buses associated with the alterable memory.
Such alterable memory can comprise EPROM, E.sup.2 PROM, RAM, DRAM and PROM. Some devices though having some protection, permit learning of the methodology so that a thief can steal one device and therefore know the next. However, the hardware hacker can obtain no information from a severed communication channel external to the device due to software methods such as encryption and authentication procedures. Once the information thief or hacker has gained the knowledge of the authentication procedures and the data codes necessary, one could make use of this information to advantage. These types of security problems are particularly relevant to financial institutions which use security systems to secure computerised transfer of funds, the value of which is several millions of dollars per hour. In the case of a financial institution, once an information thief or hacker has gained the authentication procedure and the necessary data codes, illicit funds transfer could occur and the transfer would appear as a legal and authorised transaction. As such, any security compromise could result in the financial institution incurring fraud losses, loss of integrity, recovery costs, adverse publicity and loss of commercial confidence.
U.S. Pat. Nos. 4,593,384; 4,691,350; 4,807,284 and 4,811,288 cover the area of securing stored data using a device that physically surrounds the circuit board being protected.
The security device in the 4 patents is comprised of:
1) a number of ceramic components that form a box that surrounds the circuit board. Ceramic is used because of its chemical resistance,
2) within the ceramic components are a number of conductive epoxy paths and sheets through which a hacker would penetrate if attempted penetration occurred,
3) in certain embodiments these conductive paths may also be connected via thin wires that pass through the circuit board,
4) in a further embodiment thin nickel/gold layers were deposited onto the inside face of the ceramic housing. These layers were then etched to form parallel gold conductive paths (10-25 .mu.m thick with same spacing).
5) by shorting or breaking the conductive paths or sheets, a sense circuit will generate a low voltage that sets the RESET on the memory to be protected, and
6) a low temperature sensor (an unbalanced circuit) will also generate a low voltage if the temperature falls below -25.degree. C. This ensures that if an attempt is made to freeze the memory below -90.degree. C. in order to bypass the security device, the memory will be destroyed and thus protected.
U.S. Pat. No. 4,783,801 is for a security device to protect a circuit board. The security device is comprised of:
1) a housing in which one or more detectors may be situated. These detectors being vibration detectors, thermometers, microphones or conductive paths that are shorted or broken upon penetration, and
2) the interface circuitry includes a clock arrangement that turns on the detectors for short intervals (i.e.: 10 ms every second) leading to a saving of up to 99% of the battery power and ensuring that the battery does not have to be periodically replaced. The interface can also decide whether to destroy the memory using majority information from its detectors. (i.e. 3 detectors out of 5 say yes then the interface corrupts the memory).
U.S. Pat. No. 4,860,351 relates to a security device for a circuit board. The security device is comprised of:
1) very thin insulated Nichrome wire is wrapped in very tight coils around the circuit to be protected. The circuit and enclosing wire is potted within an opaque cross-linked filled epoxy. The filler in the epoxy is alumina or silica which makes the epoxy difficult to machine,
2) if penetration is attempted the wires are shorted or broken, the interface circuit will sense this and destroy the memory, and
3) the wire is wrapped as several strands which enhances sensitivity to shorts and reduces EMI pickup due to cancellation. The wire wrap also forms an EM shield.
Such techniques have been proposed to provide protection against such compromise or ingress. However, these methods are complex and integrated with the device to be protected, thus making that device irreparable. Overall, this invention is based on different materials and methods which will offer protection to data system(s) including such memory devices indicated below whilst permitting economic repairability and therefore recycling of that device.
Various methods are known to prevent or frustrate transmission of x-rays and other short wavelength radiation.
AU 41240/78 teaches that barium titanate, barium fluoride and lead sulfate can be added to an organo polysiloxane resin for X-ray shielding applications.
AU 17377/88 teaches that barytes can be added to Plaster-of-paris up to 60% by weight with Plaster-of-paris 35% by weight and other fillers, sealers and hardeners comprising the other 5% by weight. It is envisaged for use as an economic alternative to lead in floor, wall and ceiling shielding in hospitals.
WO89/09472 relates to oxides, hydroxides and salts of bismuth loaded into polyethylene at weight fractions ranging from 30 to 80% for use as flexible protection in surgical clothing such as gloves, aprons, boots and overalls.
GB 1 575 527 describes X-ray opaque surgical sponges using elastomers (i.e: polyisobutylene, PVC and copolymers of VA and VC) loaded with 40 to 90% weight fraction barium sulphate.
Such methods can be used to enhance the devices of the present invention.